<?php

App::import('Sanitize');
class UsersController extends AppController{

    var $name = 'Users';
    
    function register(){
        //if the form is submitted
        if(!empty($this->data)){
            //Some sanitize
            $this->data['User']['email_addr'] = Sanitize::paranoid($this->data['User']['email_addr'], array('@', '.', '-', '+','_'));
            $this->data['User']['first_name'] = Sanitize::paranoid($this->data['User']['first_name']);
            $this->data['User']['last_name'] = Sanitize::paranoid($this->data['User']['last_name']);
            
            if (($this->data['User']['passwd'] == $this->data['User']['repeat_passwd']) && $this->data['User']['passwd']) {
                $this->data['User']['passwd'] = md5($this->data['User']['passwd']);
                if($this->User->save($this->data)){
                    $user = $this->User->find('first', array(
                                              'conditions' => array('User.email_addr' => $this->data['User']['email_addr'])));
                    
                    //Moving and renaming the image uploaded
                    if($this->data['User']['image']['tmp_name']){

                        $target_path = 'img/profile/user/'.$user['User']['id'].'.jpg';

                        move_uploaded_file($this->data['User']['image']['tmp_name'], $target_path);
                    }

                    $this->Session->setFlash('You have registered successfully.', 'default', array('class' => 'success'));
                    $this->redirect(array('action' => 'login'));                    

                } else {
                    $this->data['User']['passwd'] = '';
                    $this->data['User']['repeat_passwd'] = '';
                }
            } else {
                $this->Session->setFlash('Password must match.');
                $this->data['User']['passwd'] = '';
                $this->data['User']['repeat_passwd'] = '';
            }
        }
    }

    function login(){
        if($this->data){
            $email = $this->data['User']['email_addr'];
            $pass = $this->data['User']['passwd'];

            //Some sanitize
            $pass = Sanitize::paranoid($pass,array('_'));
            $email = Sanitize::paranoid($email,array('_'),array('@', '.', '-', '+','_'));

            $user = $this->User->find('first', array('conditions'=>array('User.email_addr'=>$this->data['User']['email_addr'])));

            if($user && ($user['User']['passwd'] == md5($this->data['User']['passwd']))){
                $this->Session->write('account_type', 'user');
                $this->Session->write('user',$user);
                $this->redirect(array('controller' => 'events', 'action'=>'index'));
            } else {
                $this->Session->setFlash('Invalid login.');
            }
        }
    }

    function logout(){
        $this->Session->destroy();
        $this->redirect(array('action' => 'login'));
    }

    function edit_profile() {
        //if the form is submitted
        if(!empty($this->data)){
            $user = $this->Session->read('user');
            $this->User->id = $user['User']['id'];
            if($this->User->save($this->data)){
                $new_user = $this->User->find('first', array(
                                              'conditions' => array('User.id' => $user['User']['id'])));

                //Moving and renaming the image uploaded
                if($this->data['User']['image']['tmp_name']){

                    $target_path = 'img/profile/user/' . $new_user['User']['id'] . '.jpg';

                    move_uploaded_file($this->data['User']['image']['tmp_name'], $target_path);
                }

                $this->Session->write('user',$new_user);
                
                $this->Session->setFlash('Your profile information has been successfully updated.', 'default', array('class' => 'success'));
                $this->redirect(array('action' => 'edit_profile'));
            }
        }
        
        $this->data = $this->Session->read('user');
    }
}

?>
